Posted on 03-28-2022 08:48 AM
Hi,
We need to have a log in jamf showing users change of their password.
This is requested for AD mobile accounts and especially for local accounts.
Jamf cannot make it natively.
Any idea on how to make using script, custom extension or else ?
Thanks
Solved! Go to Solution.
Posted on 03-31-2022 09:51 PM
Hey Eskobar,
I don't know if this is what you're looking for, but I made an extension attribute to grab the last password change for the last logged in user. Here you go, I hope it helps.
#!/bin/bash
# Extension attribute to grab the last password
# change for the last logged on user
# Created 3.31.2022 @robjschroeder
# Grab the last logged in User
lastLoggedInUser=$( defaults read /Library/Preferences/com.apple.loginwindow lastUserName )
# Get the password change date of that User
lastPWChange=$( date -r $(dscl . -read /Users/$lastLoggedInUser accountPolicyData |
tail -n +2 |
plutil -extract passwordLastSetTime xml1 -o - -- - |
sed -n "s/<real>\([0-9]*\).*/\1/p"))
echo "<result>$lastPWChange</result>"
exit 0
Posted on 03-31-2022 09:51 PM
Hey Eskobar,
I don't know if this is what you're looking for, but I made an extension attribute to grab the last password change for the last logged in user. Here you go, I hope it helps.
#!/bin/bash
# Extension attribute to grab the last password
# change for the last logged on user
# Created 3.31.2022 @robjschroeder
# Grab the last logged in User
lastLoggedInUser=$( defaults read /Library/Preferences/com.apple.loginwindow lastUserName )
# Get the password change date of that User
lastPWChange=$( date -r $(dscl . -read /Users/$lastLoggedInUser accountPolicyData |
tail -n +2 |
plutil -extract passwordLastSetTime xml1 -o - -- - |
sed -n "s/<real>\([0-9]*\).*/\1/p"))
echo "<result>$lastPWChange</result>"
exit 0
Posted on 04-06-2022 01:14 AM
Script works just fine.
Jamf can now get password changes for binded/mobile accounts.
Thanks for the great help.
Kudos
Posted on 04-08-2022 05:33 AM
The extension attribute is grabbing only 20% of all macs.
Many of them are networked with recent last check in/Last Inventory Update. However, the extension remains empty !
Any idea ?
Regards,